using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using DevExpress.XtraEditors;
using System.Data.SqlClient;
using System.Web.Security;

namespace TX
{
    public partial class Login : Base
    {
        public Login()
        {
            InitializeComponent();
        }


        public string CheckCredentials(string Username, string password)
        {
            //SqlConnection sqlConnection = new SqlConnection(Properties.Settings.Default.Karbel4ConnectionString);
            //SqlDataAdapter sqlDataAdapter = new SqlDataAdapter("GetUpdateStatus", sqlConnection);
            //sqlDataAdapter.SelectCommand.CommandType = System.Data.CommandType.StoredProcedure;
            //sqlDataAdapter.SelectCommand.Parameters.Add("@lastUpdate", SqlDbType.DateTime);

            using (SqlConnection con = new SqlConnection(Properties.Settings.Default.Karbel4ConnectionString))
            {
                con.Open();
                SqlCommand cmd = new SqlCommand("select * from Contact where Username=@Username", con);
                cmd.Parameters.AddWithValue("@Username", Username);
                SqlDataReader dr = cmd.ExecuteReader();
                if (!dr.Read())
                    return "";
                
                string ContactId = dr["ContactId"].ToString();
                string salt = dr["PasswordSalt"] as string;
                string storedHashedPassword = dr["PasswordHash"] as string;
                if (storedHashedPassword == null) storedHashedPassword = "";

                if (storedHashedPassword.Length < 20)
                {
                    if (password == storedHashedPassword)
                    {
                        Login2 login2 = new Login2(Username, storedHashedPassword);
                        login2.ShowDialog();
                        return ContactId;
                    }
                    else
                        return "";
                }
                else
                {
                    string givenHashedPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(salt + password, "SHA1");

                    if (storedHashedPassword == givenHashedPassword)
                        return ContactId;
                    else
                        return "";
                }
            }
        }

        private void simpleButton1_Click(object sender, EventArgs e)
        {
            string ret = CheckCredentials(textEditUsername.Text, textEditPassword.Text);
            if (ret != "")
            {
                try
                {
                    using (SqlConnection con = new SqlConnection(Properties.Settings.Default.Karbel4ConnectionString))
                    {
                        con.Open();
                        SqlCommand cmd = new SqlCommand("UpdateLoginStatus", con);
                        cmd.Parameters.AddWithValue("@ContactId", Convert.ToInt32(ret));
                        cmd.Parameters.AddWithValue("@LoginHistoryId", 0);
                        cmd.CommandType = CommandType.StoredProcedure;
                        TX.Base.LoginHistoryId = Convert.ToInt32(cmd.ExecuteScalar().ToString());
                        TX.Base.CurrentUser = Convert.ToInt32(ret);
                        this.DialogResult = DialogResult.OK;

                    }
                }
                catch (Exception Ex)
                {                    
                    //throw;
                }

            }
            else
            {
                textEditPassword.Text = "";
                textEditPassword.Focus();
            }
        }

      

        private void simpleButton2_Click(object sender, EventArgs e)
        {
            this.DialogResult = DialogResult.Abort;
        } 

    }

}